burnaware76_free.exe

BurnAware Free

Burnaware

The application burnaware76_free.exe, “BurnAware Free Installation” by Burnaware, has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This file is typically installed with the program Toolwiz Time Freeze 2014 by ToolWiz. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
Burnaware (signed by Burnaware)

Product:
BurnAware Free

Description:
BurnAware Free Installation

Version:
7.6.0.0

MD5:
7b43194cd66e3039b5b79cd14c20baba

SHA-1:
432236a42d578a8200d06cc1484a58e690930493

SHA-256:
be338b9ad63ffc56f1192ce8804ebf9aba5e107670f2f38779fe5d2b32d296ff

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/24/2024 11:36:04 AM UTC

Scan engine
Detection
Engine version

AVG
AdLoad.OpenCandy
2015.0.3292

Dr.Web
Adware.OpenCandy.39
9.0.1.0317

ESET NOD32
Win32/OpenCandy (variant)
8.10716

Fortinet FortiGate
Riskware/OpenCandy
11/13/2014

Reason Heuristics
PUP.OpenCandy.Installer (L)
16.12.1.23

VIPRE Antivirus
Trojan.Win32.Generic
34748

File size:
6.9 MB (7,244,992 bytes)

Product version:
7.6.0.0

Copyright:
Copyright © 2014 Burnaware.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\burnaware76_free.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/5/2014 1:00:00 AM

Valid to:
11/6/2019 12:59:59 AM

Subject:
CN=Burnaware, O=Burnaware, STREET=Krylatskie Kholmy 39-2, L=Moscow, S=Moscow, PostalCode=121614, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
34A57A0F0BF4B55CCD6F48728FA63980

File PE Metadata
Compilation timestamp:
7/9/2014 9:58:13 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:8mjMMN4F20t/hMIAuRzfqh0QPHvi40Xi60Ocx51V:8m+Q0hCIAuRzA0QvOF5cx5L

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file burnaware76_free.exe has been discovered within the following program.

www.Toolwiz.com
About 1% of users remove it
 

The file burnaware76_free.exe has been seen being distributed by the following 10 URLs.

http://www.burnaware.com/.../burnaware_free.exe
